Senior Information Security Engineer
Hanover, MD or Remote USA
As a member of the IT and Security team you support the infrastructure needs of the company. The team is crucial to developing scalable processes to support delivery of the Dragos product lines. The Senior Information Security Engineer is tasked with taking Security Policy and turn them into actionable guidelines. You will work closely with various business unties to implement and ensure continued compliance. Successful candidates will lead by example, help plan and carry out the organization’s information security strategy. You will develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed. In addition, you will develop strategies to respond to and recover from a security breach and are also responsible for educating the workforce on information security through training and building awareness. This position is also available either in Hanover, MD or remote. Preference is to Hanover, MD but the right candidate could be remote.
- Proactively identify and resolve potential problems to prevent them from occurring and improve overall security posture.
- Prioritize workload based on severity and impact to company and demonstrate a sense of urgency when handling tasks
- Participate in knowledge sharing via involvement in technical discussions and Knowledge Base documentation with other organizations
- Assist in risk assessment and mitigation activities.
- Conduct periodic network scans to find any vulnerability
- Monitor networks and systems for security breaches, using software that detects intrusions and anomalous system behavior
- Develop or implement open source/third-party tools to assist in detection, prevention and analysis of security threats
- Awareness training of the workforce on information security standards, policies and best practices
- Perform other duties and projects as assigned
- Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
- Experience with and knowledge of Endpoint security solutions, including file integrity monitoring and data loss prevention
- Experience with AWS and cloud platform as a service (PaaS) security
- Experience with automating security testing tools
- Experience with Network Devices (Fortinet, Meraki)
- Knowledge of risk assessment tools, technologies and methods
- Experience designing secure networks, systems and application architectures
- Knowledge of disaster recovery, computer forensic tools, technologies and methods
- Experience planning, researching and developing security policies, standards and procedures
- Professional experience in a system administration role supporting multiple platforms and applications
- Ability to communicate network security issues to peers and management
- Proficient technical problem-solving skills
- Clear written communication skills, including trouble tickets and FAQ creation & maintenance
- Knowledge of networking fundamentals.
- Minimum 5 years of experience working within industry in related roles.
Nice to Hve
- Bachelor’s Degree in Information Technology, Computer Science, Engineering or related field
- Industry Certifications and memberships a plus
- Hands on experience with Crowdstrike Falcon
- Ability to fill multiple roles simultaneously
- Hands-on experience with Windows 10, Office 365 (Account Management, Exchange Online, Azure, Intune)
- Experience with Infrastructure as Code (Terraform)
- Firewall administration experience, network or host-based
- Ability to troubleshoot and resolve different levels of hardware and client desktop issues.
- Linux/Unix operating system administration
- Understanding of permission levels across Linux and Windows environments.
- Start-up Experience preferred
- Certified Information Systems Security Professional (CISSP)
- CISA – Certified Information Systems Auditor (CISA)
- CISM – Certified Information Security Manager (CISM)
Job tags: AWS Azure CISA CISM CISSP Firewall ICS Industrial Linux Malware Network security Open Source PaaS Petrochemical Risk assessment Strategy Unix Windows